Solved

Attempting Strange VPN Setup

Posted on 2006-11-04
7
206 Views
Last Modified: 2010-03-18
I want to attempt a strange VPN setup (strange to me).  I'd like to ask the routing experts here if this setup will work.  I've linked Network map of what I want to try.

http://www.bradfox.info/images/DoesThisWork.pdf

Router A is my home Internet Gateway.  The real LAN IP is 192.168.0.1 (wrong on the map)
Router B will be a VPN endpoint to work and will use Router A as it's Internet Gateway

I want to know if using the static route shown on Router A and the mis-matching subnets on router B will allow traffic to 192.168.1.x network to route correctly.  I know I'm probably breaking all kinds of RFC rules but I don't care, it's my home network.

I do not want to route all internet traffic through Router B because it's a POS and crashes games but will sustain a RDP connection just fine to work.
0
Comment
Question by:mcsween
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 22

Author Comment

by:mcsween
ID: 17874999
I forgot to mention, Router A is the main gateway for all PCs on my home network.
0
 
LVL 22

Author Comment

by:mcsween
ID: 17875026
I just realized that Router B probably needs some kind of static route to get traffic from the 192.168.1.x network back to 192.168.0.10.  I'm not sure how that would work tho...
0
 
LVL 8

Expert Comment

by:saw830
ID: 17878296
Hi,

Hummm.... there are several much better ways of doing this, but since Router B is "a POS and crashes games", I take it that you can't or won't replace it.  (You didnt' ask this part, but if that were mine I'd try to work out what was breaking and get it fixed.  Probably just needs a firmware upgrade.)

I doubt that router B will let you set it up that way.  It has it's WAN and LAN ports in the same network.  Usually they are smarter then that and not let you save the configuration.  That's rather like me asking you to pass a message to Mary when I'm as close to her as you are.

You didn't say what your PC operating system is, so I'll assume some recent version of Windows, perhaps 2000 or XP.  If so, it can have two addresses at the same time.  Here's what I'd do:

Set the LAN port of Router B to 10.1.1.1/255.255.255.0, but leave the rest of the network as your drawing shows.  Assign 10.1.1.2/255.255.255.0 to your PC as a second address.  On your PC open a command prompt and type the command: ROUTE ADD 192.168.1.0 MASK 255.255.255.0 10.1.1.1 -P

I've never done this exactly, but I believe that it will work.  Also, it's unorthodox, but given your constraints, should be doable.

Hope this helps,
Alan
0
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

 
LVL 22

Author Comment

by:mcsween
ID: 17914262
Well, I'm using a 255.255.255.240 subnet on the WAN and LAN side of the router with IPs in different ranges.  This should allow me to assign 192.168.1.240 to the WAN and 192.168.1.5 to the LAN side, shouldn't it?

I previously had the dual NIC scenerio setup with static routes but that was causing some issues with other applications I run.
0
 
LVL 8

Accepted Solution

by:
saw830 earned 500 total points
ID: 17926402
Hi,

You are correct, a 255.255.255.240 mask will certainly break the larger net into smaller networks.  Your ip addresses are okay except that your 240 address is on a boundary and needs to move up one to 192.168.1.241.  The actual ranges for those addresses, using the 255.255.240 mask are:
192.168.1.5 is in the 192.168.1.0 network with 192.168.1.1 - 192.168.1.14 useable addresses.
192.168.1.241 is in the 192.168.1.240 network with 192.168.1.241 - 254 useable addresses.

Alan
0
 
LVL 22

Author Comment

by:mcsween
ID: 17948876
yea, 241, that's what I had in my drawing, just typoed it here.

I'm still need a static route to get traffic back to 192.168.0.10 from the 192.168.1.0 network.  Any idea how this route would look?
0
 
LVL 8

Expert Comment

by:saw830
ID: 17975605
Hi,

Okay, I've slept a couple times since I last looked at this, so I may be off a little, but I'll give it a shot....

The Work Gateway device needs to have a route added for 192.168.0.0 255.255.255.0 pointing to Router B.  If Work Gateway were a PC, which I expect that it isn't, then the command wouuld be ROUTE ADD 192.168.0.0 MASK 255.255.255.0 10.1.1.1, I *think*, but it will probably depend on what type of VPN you are doing.  Due to the configuration, Router B is in the middle of everything and knows how to get to all three networks.

Hope this helps, but it's eary monday morning here and I'm still a bit fuzzy....

Alan
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month8 days, 8 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question